Support User Manuals

Cisco Systems Linksys PAP2 Telephone Accessories User Manual

Open as PDF

of 117

An encrypted CFG file requires either a password (or quoted pass-phrase) or a hex-string. The

following lines illustrate command-line invocations for various combinations of keys and algorithms.

spc –-rc4 –-ascii-key apple4sale pap2.txt pap2.cfg

spc –-aes –-ascii-key lucky777 pap2.txt pap2.cfg

spc –-aes –-ascii-key “my secret phrase” pap2.txt pap2.cfg

spc –-aes –-hex-key 8d23fe7...a5c29 pap2.txt pap2.cfg

A CFG file can be both targeted and key encrypted, as suggested by the following example:

spc –-target 000e08aaa010 –-aes –-hex-key 9a20...eb47 a.txt a.cfg

The status messages printed by spc can be suppressed with the “--quiet” command line option. Or

they can be redirected to a file, with the “--log file_name” command line option. In the latter case, the

spc command line invocation itself is also printed in the log file, preceded by a timestamp.

spc –-quiet . . .

spc –-log prov.log . . .

3.1.2. Encrypting and Compressing XML configuration files

The Linksys PHONE ADAPTER supports encrypted XML configuration profiles. This can be used for

subsequent configuration files stored on or generated by either TFTP or HTTP servers. When used

in concert with HTTPS for initial config, this provides complete security, but only uses the HTTPS

server for initial enrollment. For example, an example configuration file in XML setup to download an

encrypted XML file via HTTP looks like this:

<flat-profile>

<Profile_Rule>[--key $B] http://config.provider.net/linksys/established/$MA.xml

</Profile_Rule>

<Resync_Periodic>86400</Resync_Periodic>

<GPP_B >9b4cef5677a129</GPP_B>

<Admin_Passwd>9b4cef5677a129</Admin_Passwd>

<Proxy_1_>sip.provider.net</Proxy_1_>

<User_ID_1_>1234567890</User_ID_1_>

<Password_1_>YhJ89_Luk4E</Password_1_>

<Display_Name_1_>1234567890</Display_Name_1_>

<Line_Enable_2_>0</Line_Enable_2_>

</flat-profile>

An XML configuration file can be encrypted using the openssl command line utility as shown below.

(Note that aes encryption is available beginning with OpenSSL versions 0.9.7. OpenSSL is freely

available from http://www.openssl.org )

openssl aes-256-cbc -e -in cleartextconfig -out encryptedconfig -k 9b4cef5677a129

© 2004 Linksys Proprietary (See Copyright Notice on Page 2)

24

previous next